Re: Shimming HTTP to HTTPS.
Hi.
On Thu, Aug 22, 2019 at 08:23:06AM -0700, peter@easthope.ca wrote:
> * From: Reco
> * Date: Sun, 28 Jul 2019 19:57:19 +0300
> > ... NSS is not the best TLS implementation. There's some hope for
> > dillo depending on if it uses openssl or gnutls.
>
> How do you evaluate these? Published review? Study of sources?
Easy. Take a server software that's intended to be used in Internet
environment. Look at its dependencies. Observe that it's either openssl
or gnutls or (very rare) mbedtls.
NSS is a popular choice for client software, relative ease of use being
its only redeeming quality.
> > Have you meant "Oberon sends HTTP request that should be transformed to
> > HTTPS"? That's where that hypothetical proxy comes in.
>
> OK, yes. If http://en.wikipedia.org/wiki/Linux is put in the URL bar
> of dillo, it opens https://en.wikipedia.org/wiki/Linux. If
> https://en.wikipedia.org/wiki/Linux is put in the URL bar, dillo
> opens it. I imagine similar behaviour in Oberon.
Relatively simple, but see below.
> > Oberon browser sends HTTP request, but gets HTTPS redirect (301/302) in
> > result.
>
> Yes; ideally, redirection is handled gracefully.
That's two different cases, this and the previous one.
The difference being - in this case a hypothetical proxy should
intercept a redirect, make HTTPS request on its own, get HTTP response
and present it to the browser as if redirect never happened.
And I can count at least three different ways of doing such redirect -
classic 301/302 HTTP code, <meta> redirect in HTML page, and Javascript
one. But again, see below.
> > Oberon browser sends HTTP request, proxy transforms it into HTTPS, gets
> > HTTPS reply, transforms it back into HTTP reply ... only to send Oberon
> > browser a huge pile of HTTPS links to pictures, css, js and whatnot.
>
> For now I'd be happy if Oberon could open the text in a
> simple page. https://en.wikibooks.org/wiki/Oberon/S3/2003-01-05/Mail.Mod
> for example.
Your link is a good example of case 3 - HTTP response peppered with
multiple HTTPS links. Hence, [1] is about the only reasonable choice you
have.
If you need an example of easy page, pardon the obscene lyrics, you need
this:
https://evenbettermotherfucking.website/
> > [1] https://github.com/tenox7/wrp
>
> Appears that a X86-64 or ARM system is required.
So? There's no law that requires a proxy to be on the same host as a
browser.
Reco
Reply to: